{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":0,"Second":0,"TimeBased":true,"OriginalID":9960,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:26:49.827358191Z | 136 | PC: 12a51 | UNKNOWN! |
| 2018-12-25T12:26:49.828390556Z | 74 | PC: 12a5e | Reallocate memory |
| 2018-12-25T12:26:49.830407588Z | 74 | PC: 12a65 | Reallocate memory |
| 2018-12-25T12:26:49.83210168Z | 72 | PC: 12a6c | Allocate memory |
| 2018-12-25T12:26:49.833927115Z | 44 | PC: 12a91 | Get time 0x12a91: cmp cl, 0xa 0x12a94: jbe 0x12abc 0x12a96: cmp cl, 0x37 0x12a99: jge 0x12a9b 0x12a9b: xor ax, ax 0x12a9d: mov ds, ax 0x12a9f: push ds 0x12aa0: lds ax, ptr [0x98] 0x12aa4: mov word ptr es:[0x2c7], ax 0x12aa8: mov word ptr es:[0x2c9], ds 0x12aad: pop ds 0x12aae: mov word ptr [0x98], 0x27d 0x12ab4: mov bx, es 0x12ab6: mov word ptr [0x9a], bx 0x12aba: jmp 0x12adb 0x12abc: xor ax, ax 0x12abe: mov ds, ax 0x12ac0: push ds 0x12ac1: lds ax, ptr [0x24] 0x12ac5: mov word ptr es:[0x2bf], ax |
{"DateBased":false,"Day":0,"Month":0,"Year":0,"Hour":0,"Min":10,"Second":0,"TimeBased":true,"OriginalID":9960,"SideJobID":0}
.
GIF
Syscalls:
| Time | Syscall Op | Syscall Name |
|---|---|---|
| 2018-12-25T12:26:50.439016443Z | 136 | PC: 12a51 | UNKNOWN! |
| 2018-12-25T12:26:50.440578435Z | 74 | PC: 12a5e | Reallocate memory |
| 2018-12-25T12:26:50.445941894Z | 74 | PC: 12a65 | Reallocate memory |
| 2018-12-25T12:26:50.448320502Z | 72 | PC: 12a6c | Allocate memory |
| 2018-12-25T12:26:50.452376531Z | 44 | PC: 12a91 | Get time 0x12a91: cmp cl, 0xa 0x12a94: jbe 0x12abc 0x12a96: cmp cl, 0x37 0x12a99: jge 0x12a9b 0x12a9b: xor ax, ax 0x12a9d: mov ds, ax 0x12a9f: push ds 0x12aa0: lds ax, ptr [0x98] 0x12aa4: mov word ptr es:[0x2c7], ax 0x12aa8: mov word ptr es:[0x2c9], ds 0x12aad: pop ds 0x12aae: mov word ptr [0x98], 0x27d 0x12ab4: mov bx, es 0x12ab6: mov word ptr [0x9a], bx 0x12aba: jmp 0x12adb 0x12abc: xor ax, ax 0x12abe: mov ds, ax 0x12ac0: push ds 0x12ac1: lds ax, ptr [0x24] 0x12ac5: mov word ptr es:[0x2bf], ax |